<?
session_start();

class User {
    private function __construct() {}
    private function __clone() {}
      
    //Properties 
    
    public static function id(){ 
      return $_SESSION["data"]["id"];
    }
    
    public static function email(){ 
      return $_SESSION["data"]["email"];
    }
    
    public static function isAutentified(){
      return $_SESSION["isAutentified"];
    }
    
    public static function lastLogin(){
      return $_SESSION["lastLogin"];
    }
    
    public static function userData(){
      return $_SESSION["data"];
    }
    
    public static function isAdmin() {
      $id = User::id();
      return  ( $id == "10" || $id == "21" || $id == "22" || $id == "36");
    }    

    //Login/Logout
   
    public static function login($email, $pass){
      $sql = "SELECT * FROM users WHERE email='$email'";
      $result = mysql_query($sql) or die(mysql_error());
      $userData = mysql_fetch_assoc($result);   
      
      if(crypt($pass, $userData[pass]) == $userData[pass]) {
        $_SESSION["data"] = $userData;      
        $_SESSION["isAutentified"] = true;
        $_SESSION["lastLogin"] = date("Y-n-j H:i:s"); //formato aaaa-mm-dd hh:mm:ss 
        return true;
      }
    }
    
    public static function logout(){
      $_SESSION["isAutentified"] =  false;
      $_SESSION["data"] = null;
      session_destroy(); 
    }
    
    
    public static function register($email,$organizacion,$nombre,$pass){
      // Your code here to handle a successful verification     
      $crypt_pass=crypt($pass);
      $sql = "INSERT INTO users (email,pass,organizacion,nombre,registered_date) VALUES ('$email', '$crypt_pass', '$organizacion', '$nombre', NOW())";
      mysql_query($sql);
    }
    
    //Change Pass
    
    public static function isRegistered($email) {
      $sql = "SELECT id FROM users WHERE email='$email'";
      $result = mysql_query($sql) or die(mysql_error());
      $result = ($row = mysql_fetch_array($result));
      return $result;
    }

    
    public static function mailResetPass($email){
      $better_token = md5(uniqid(mt_rand(), true));
      $better_token = substr($better_token, 0, 50);
  
      $res = mysql_query("UPDATE users SET reset_token = '$better_token' WHERE email='$email'");
  
      $cabeceras  = 'MIME-Version: 1.0' . "\r\n";
      $cabeceras .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
      $cabeceras .= 'From: Manifiestate.net <info@manifiestate.net>' . "\r\n";
      
      if($res) {
        mail($email, "Recuperacion de Contraseña", "Para cambiar la contraseña visita el siguiente enlace: 
          <br><br>http://manifiestate.net/cambiopass.php?email=$email&token=$better_token", $cabeceras);
        //DEBUG
        //echo "http://manifiestate.net/cambiopass.php?email=$email&token=$better_token";
        return true;
      }
    }
    
    public static function resetPass($email, $token, $pass){
      $sql = "SELECT reset_token FROM users WHERE email='$email'";
      $result = mysql_query($sql) or die(mysql_error());
      $userData = mysql_fetch_assoc($result);   
      
      //Comprobamos que el token introducido es correcto         
      if(($userData[reset_token]!= "") && ($userData[reset_token] == $token)) {
        $crypt_pass=crypt($pass);
  
        $sql = "UPDATE  users SET pass='$crypt_pass', reset_token='' WHERE email='$email'";
        mysql_query($sql);
        return true;
      }
      return false;
    }
    
    
}

?>